Cheatography
https://cheatography.com
Cheatsheet about AWS Certified Developer
This is a draft cheat sheet. It is a work in progress and is not finished yet.
Cloud Computing Models (SI)
On-Premise |
You are the owner of the infrastructure |
Cloud |
Someone else owns the servers; you are responsible for setting up the cloud services and the code |
Hybrid |
Mix of the previous approaches |
Amazon Simple Storage Service (S3) SI
Object storage service. It lets us store objects in buckets, and each object can be up to 5 TB in size. Each object has a key, value, metadata, access control information and version ID. |
Amazon S3 - Security & Policies (SI)
Effect |
Allow/Deny |
Principal |
Who can perform an action over the bucket/object |
Action |
What the user can do over the bucket/object |
Resource |
Object/bucket affected |
Amazon S3 - Encryption (SI)
Server Side Encryption - S3 |
Amazon S3 manages the encryption key |
Server Side Encryption - KMS |
AWS KMS manages the encryption key |
Server Side Encryption - C |
The customer provides the encryption keys |
Client Side Encryption |
Encrypting data before sending it to Amazon S3 |
Dual-layer Server Side Encryption - DSSE-KMS |
It applies two layers of encryption to objects when they are uploaded to Amazon S3 |
AWS CloudTrail (SI)
Monitor and record account activity across your AWS infrastructure. For example, you can check the account that deleted an EC2 instance. There are two types of events:
- Data events: Visibility into the resource operations performed on or within a resource.
- Management events: Visibility into management operations performed in our AWS accounts. |
FROM HERE ON EVERYTHING IS NEW
Amazon CloudFront - Cache
Edge Location |
Each Edge Location has its own cache |
Cache Key |
Unique identifier for an object in the cache |
Cache Policies |
Define the cache key based on HTTP headers, cookies, or query strings. Values in the cache key are automatically included in the origin request. You can set a TTL |
Cache Invalidations |
Entire Refresh (invalidating all files) or Partial Refresh (invalidating a set of files) of the cache |
Cache Behaviors |
Settings that describe how CloudFront processes requests |
AWS CodeCommit - Authentication
HTTPS |
AWS Access Key |
HTTPS |
GIT credentials generated with IAM |
SSH |
SSH keys associated with IAM user |
Files/Folders Summary
CodeBuild |
buildspec.yml |
CodeDeploy (Lambda/ECS) |
appspec.yaml |
CodeDeploy (EC2/On-premise) |
appspec.yml |
Elastic Beanstalk |
.ebextensions |
Elastic Beanstalk (Docker) |
Dockerrun.aws.json |
Elastic Compute Cloud (EC2) (SI)
EC2 is a web service that provides compute capacity in the cloud. It's one of the core services of AWS, covering processor, storage, networking, operating system, and purchase model. It's composed of virtual machines (EC2), a block-storage service (EBS), load balancers (ELB) and resource elasticity (Auto Scaling Group) |
EC2 Instances Types (SI)
R |
Application requires RAM |
C |
Application requires CPU |
M |
Balanced applications (Medium) |
I |
Application requires I/O |
G |
Application requires GPU |
T2/T3 |
Burstable instances |
T2/T3 Unlimited |
Burstable instances for which you can pay more to avoid losing performance |
EC2 Security Groups (SI)
Inbound Traffic |
Traffic that tries to access the instance. |
Outbound Traffic |
Traffic that leaves the instance |
Security Groups act as a virtual firewall to control inbound and outbound traffic for your instance. You can specify allow rules, but not deny rules. They live outside of EC2, so you can attach them to multiple instances.
EBS (SI - edit)
Block-storage service for EC2. It's a network storage drive, and you pay for the capacity you provision. You can back up the data on your Amazon EBS volumes to Amazon S3 by taking point-in-time incremental snapshots.
You will also need to create snapshots to migrate an EBS volume between AWS Regions. You'll have to restore the snapshot in the Region where you want to copy the volume. |
EBS Types (SI)
GP2/GP3 SSD |
General Purpose SSD volumes |
IO1/IO2 SSD |
Highest performance. They support EBS Multi-Attach (attach IO1 or IO2 volume to multiple EC2 instances in the same AZ) |
ST1 HDD |
Frequently accessed, throughput-intensive workloads |
SC1 HDD |
Lowest cost per GB |
Instance Store (SI)
Temporary physically attached storage for your instance. It provides high performance / IOPS. |
Elastic File System (EFS) (SI)
Performance Modes |
General Purpose & Max I/O |
Storage Classes |
Standard & Standard-IA |
EFS allows you to mount a file storage system across multiple AZs and instances. It provides massively parallel shared access to thousands of instances.
Main Serverless Services (SI)
AWS Lambda |
Lambda@Edge |
DynamoDB |
API Gateway |
Amazon Cognito |
AWS Serverless Application Model |
FROM HERE ON EVERYTHING IS NEW (copy)
ECS Task Placement Constraints
distinctInstance |
Place each task on a different container instance. For example, there will never be two tasks on the same instance |
memberOf |
Place tasks on container instances that satisfy an expression |
Task placement constraints are rules that are considered during task placement.
Example of Task Placement Constraint
"placementConstraints": [
    {
        "expression": "attribute:ecs.instance-type =~ t2.*",
        "type": "memberOf"
    }
]